“Vault 7”, CIA hack tools [Julian Assange/WikiLeaks]
So this is actually a week old, just about. Honestly unsurprising, but still extremely significant.
Here’s the Wikileaks Julian Assange press conference, 2017.03.09 (search for that if replacement video is needed). [via Dandelion Salad]
Important bits I would like to highlight in the video:
- Statement from Microsoft, at 0:09:30.
- Discussion of accountability, at 0:28:40.
Other relevant issues brought up by Assange that I would like to focus on – on the balance between the CIA’s legitimate security role vs its periodic overtly criminal excesses, which come to light every 5-10 years. The balance is between the need for secrecy for the former, vs the need for public visibility to regulate and rein in the latter. Thus the unpleasant questions about trustworthiness.
Both from within the video:
- In 2014, US senate intelligence committee censures CIA for hacking the Senate committee’s investigation of Torture, which was conducted by the CIA (among others).
- IP address records allegedly show CIA has compromised 20,000+ machines with IP addresses within the US. These IP’s are not necessarily the “ultimate” target, they may be intermediate “victims” used as staging points to attack a target elsewhere. But in terms of jurisdiction, breaking into random computers in the US appears to be improper for the CIA.
Some tangential thoughts:
- The technological issues in this wikileaks release show that for the CIA (and other clandestine agencies around the world), current technological capabilities, among other actions that they enable, invite agency efforts to attack/defeat any public oversight – by denying whistleblowers and investigative journalists the ability to communicate without retaliation.
- In some ways, the carte blanche the CIA receives from the point of view of the US legal system, is actually in opposition to the goal of rule-of-law internationally.
- That is, while the CIA’s more morally ambiguous activities are explicitly legalized within the US law due to national security, they are explicitly illegal in the jurisdictions in which they are intended to operate. Of course the reverse is true as well for any other country. This is the nature of their work and is unavoidable – But, it becomes a loophole in international norms that is abused.
- The US has the de-facto role of world-police, and is funneling many of its world-police functions through the loophole which exempts clandestine services from national (and international) oversight, or makes such oversight invisible (and thus untrustworthy from the point of view of most of the world).
- The US along with the other UNSC P5 face only minimal accountability in the international system, so no outside power will change this condition.
- Exemption of world-police functions from oversight brings up the question of whether rule-of-law is a typical or atypical condition.
- At the very least, from the point of view of fostering international norms, world-police functions should be separated from national clandestine-security functions. This should be a focal point of discussions of international norms.